Question

我在连接到HTTPS服务时遇到异常。

我已经在多个论坛中进行了交叉检查，并了解到服务器中使用的算法可能不那么安全，符合Java1.8的标准。

同样通过评论＆＃34; jdk.certpath.disabledAlgorithms＆＃34;属于＆＃34; Java \ jdk1.8.0_51 \ jre \ lib \ security \ java.security＆＃34;文件我们可以启用禁用的算法。但它没有帮助，即使在评论之后也会得到同样的错误。

其他分析点：

更新了无限强度本地策略jar文件。
能够使用相同的独立程序连接到服务机。
甚至可以从独立程序连接到服务＆＃34; jdk.certpath.disabledAlgorithms＆＃34;属性已启用。

我的代码使用自签名证书连接到HTTPS连接，该证书中的算法是否会超过默认的java属性？低于例外的任何其他可能性？

javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificates does not conform to algorithm constraints
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) ~[na:1.8.0_51]
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949) ~[na:1.8.0_51]
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302) ~[na:1.8.0_51]
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296) ~[na:1.8.0_51]
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1497) ~[na:1.8.0_51]
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:212) ~[na:1.8.0_51]
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979) ~[na:1.8.0_51]
at sun.security.ssl.Handshaker.process_record(Handshaker.java:914) ~[na:1.8.0_51]
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062) ~[na:1.8.0_51]
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) ~[na:1.8.0_51]
at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:747) ~[na:1.8.0_51]
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123) ~[na:1.8.0_51]
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82) ~[na:1.8.0_51]
at java.io.BufferedOutputStream.write(BufferedOutputStream.java:121) ~[na:1.8.0_51]
at org.apache.commons.httpclient.WireLogOutputStream.write(WireLogOutputStream.java:68) ~[commons-httpclient-3.1.jar:na]
at org.apache.commons.httpclient.methods.multipart.FilePart.sendData(FilePart.java:223) ~[commons-httpclient-3.1.jar:na]
at org.apache.commons.httpclient.methods.multipart.Part.send(Part.java:312) ~[commons-httpclient-3.1.jar:na]
at org.apache.commons.httpclient.methods.multipart.Part.sendParts(Part.java:385) ~[commons-httpclient-3.1.jar:na]
at org.apache.commons.httpclient.methods.multipart.MultipartRequestEntity.writeRequest(MultipartRequestEntity.java:164) ~[commons-httpclient-3.1.jar:na]
at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499) ~[commons-httpclient-3.1.jar:na]
at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114) ~[commons-httpclient-3.1.jar:na]
at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096) ~[commons-httpclient-3.1.jar:na]
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398) ~[commons-httpclient-3.1.jar:na]
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171) ~[commons-httpclient-3.1.jar:na]
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) ~[commons-httpclient-3.1.jar:na]
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323) ~[commons-httpclient-3.1.jar:na]

Answer 1

您的问题可能是

“我的代码使用自签名证书连接到HTTPS连接”

不要使用自签名证书，或者必须在服务器和客户端使其受信任。

证书不符合算法约束 - Java1.8_51

1 个答案: